Posted By

romanos on 05/29/08

Tagged

get xss hacker

Versions (?)

Who likes this?

3 people have marked this snippet as a favorite

heinz1959
vali29
wirenaught

Prevent any possible XSS attacks via $_GET

/ Published in: PHP

This function from php-fusion - great CMS.

Expand | Embed | Plain Text

// Prevent any possible XSS attacks via $_GET.
foreach ($_GET as $check_url) {
	if ((eregi("<[^>]*script*\"?[^>]*>", $check_url)) || (eregi("<[^>]*object*\"?[^>]*>", $check_url)) ||
		(eregi("<[^>]*iframe*\"?[^>]*>", $check_url)) || (eregi("<[^>]*applet*\"?[^>]*>", $check_url)) ||
		(eregi("<[^>]*meta*\"?[^>]*>", $check_url)) || (eregi("<[^>]*style*\"?[^>]*>", $check_url)) ||
		(eregi("<[^>]*form*\"?[^>]*>", $check_url)) || (eregi("\([^>]*\"?[^)]*\)", $check_url)) ||
		(eregi("\"", $check_url))) {
	die ();
	}
}
unset($check_url);

Report this snippet Tweet

Comments

Subscribe to comments

Posted By: skymuss on April 1, 2009

and this one ? ;-)

have fun skymuss

Posted By: skymuss on April 1, 2009

and this one ? ;-)

have fun skymuss

Posted By: skymuss on April 1, 2009

and this one ? ;-)

have fun skymuss

Posted By: romanos on July 5, 2009

this is very simple, but better then nothing

Comment:

You need to login to post a comment.

Posted By

Tagged

Versions (?)

Who likes this?

Prevent any possible XSS attacks via $_GET

Related snippets

Comments

Choose a language for easy browsing: